| Home >> All >> org >> acegisecurity >> [ providers Javadoc ] |
• org.acegisecurity.providers: Javadoc index of package org.acegisecurity.providers.
Package Samples:
• org.acegisecurity.providers.cas.ticketvalidator: An authentication provider that can process Yale Central Authentication Service (CAS) service tickets and proxy tickets.
• org.acegisecurity.providers.cas.populator: An authentication provider that can process Yale Central Authentication Service (CAS) service tickets and proxy tickets.
• org.acegisecurity.providers.x509.cache: Implements a provider-based approach to authentication decisions.
• org.acegisecurity.providers.rcp: Implements a provider-based approach to authentication decisions.
• org.acegisecurity.providers.dao.salt: An authentication provider that relies upon a data access object.
• org.acegisecurity.providers.dao.cache: An authentication provider that relies upon a data access object.
• org.acegisecurity.providers.anonymous: Implements a provider-based approach to authentication decisions.
• org.acegisecurity.providers.jaas.event: An authentication provider for JAAS.
• org.acegisecurity.providers.x509
• org.acegisecurity.providers.x509.populator
• org.acegisecurity.providers.rememberme
• org.acegisecurity.providers.jaas
• org.acegisecurity.providers.encoding
• org.acegisecurity.providers.dao
• org.acegisecurity.providers.cas
• org.acegisecurity.providers.cas.proxy
• org.acegisecurity.providers.cas.cache
Classes:
• JaasAuthenticationProvider: An org.acegisecurity.providers.AuthenticationProvider implementation that retrieves user details from a JAAS login configuration. This AuthenticationProvider is capable of validating org.acegisecurity.providers.UsernamePasswordAuthenticationToken requests contain the correct username and password. This implementation is backed by a JAAS configuration. The loginConfig property must be set to a given JAAS configuration file. This setter accepts a Spring org.springframework.core.io.Resource instance. It should point to a JAAS configuration file containing an index matching the loginContextName 55 ...
• AbstractUserDetailsAuthenticationProvider: A base org.acegisecurity.providers.AuthenticationProvider that allows subclasses to override and work with org.acegisecurity.userdetails.UserDetails objects. The class is designed to respond to org.acegisecurity.providers.UsernamePasswordAuthenticationToken authentication requests. Upon successful validation, a UsernamePasswordAuthenticationToken will be created and returned to the caller. The token will include as its principal either a String representation of the username, or the org.acegisecurity.userdetails.UserDetails that was returned from the authentication repository. Using String is appropriate ...
• ProviderManager: Iterates an org.acegisecurity.Authentication request through a list of AuthenticationProvider s. Can optionally be configured with a ConcurrentSessionController to limit the number of sessions a user can have. AuthenticationProvider s are tried in order until one provides a non-null response. A non-null response indicates the provider had authority to decide on the authentication request and no further providers are tried. If an AuthenticationException is thrown by a provider, it is retained until subsequent providers are tried. If a subsequent provider successfully authenticates the request, the ...
• StatelessTicketCache: Caches CAS service tickets and CAS proxy tickets for stateless connections. When a service ticket or proxy ticket is validated against the CAS server, it is unable to be used again. Most types of callers are stateful and are associated with a given HttpSession . This allows the affirmative CAS validation outcome to be stored in the HttpSession , meaning the removal of the ticket from the CAS server is not an issue. Stateless callers, such as remoting protocols, cannot take advantage of HttpSession . If the stateless caller is located a significant network distance from the CAS server, acquiring ...
• CasProxyDecider: Decides whether a proxy list presented via CAS is trusted or not. CAS 1.0 allowed services to receive a service ticket and then validate it. CAS 2.0 allows services to receive a service ticket and then validate it with a proxy callback URL. The callback will enable the CAS server to authenticate the service. In doing so the service will receive a proxy-granting ticket and a proxy-granting ticket IOU. The IOU is just an internal record that a proxy-granting ticket is due to be received via the callback URL. With a proxy-granting ticket, a service can request the CAS server provides it with a proxy ...
• CasAuthoritiesPopulator: Populates the UserDetails associated with a CAS authenticated user. CAS does not provide the authorities (roles) granted to a user. It merely authenticates their identity. As the Acegi Security System for Spring needs to know the authorities granted to a user in order to construct a valid Authentication object, implementations of this interface will provide this information. A org.acegisecurity.userdetails.UserDetails is returned by implementations. The UserDetails must, at minimum, contain the username and GrantedAuthority[] objects applicable to the CAS-authenticated user. Note that Acegi Security ...
• RemoteAuthenticationProvider: Client-side object which queries a RemoteAuthenticationManager to validate an authentication request. A new Authentication object is created by this class comprising the request Authentication object's principal , credentials and the GrantedAuthority []s returned by the RemoteAuthenticationManager . The RemoteAuthenticationManager should not require any special username or password setting on the remoting client proxy factory to execute the call. Instead the entire authentication request must be encapsulated solely within the Authentication request object. In practical terms this means the RemoteAuthenticationManager ...
• SecurityContextLoginModule: An implementation of javax.security.auth.spi.LoginModule that uses an Acegi Security SecurityContext to provide authentication. This LoginModule provides opposite functionality to the JaasAuthenticationProvider API, and should not really be used in conjunction with it. The JaasAuthenticationProvider allows Acegi to authenticate against Jaas. The SecurityContextLoginModule allows a Jaas based application to authenticate against Acegi. If there is no Authentication in the SecurityContextHolder the login() method will throw a LoginException by default. This functionality can be changed with the ignoreMissingAuthentication ...
• CasAuthenticationProvider: An org.acegisecurity.providers.AuthenticationProvider implementation that integrates with Yale Central Authentication Service (CAS). This AuthenticationProvider is capable of validating org.acegisecurity.providers.UsernamePasswordAuthenticationToken requests which contain a principal name equal to either CasProcessingFilter.CAS_STATEFUL_IDENTIFIER > CasProcessingFilter.CAS_STATEFUL_IDENTIFIER 55 or CasProcessingFilter.CAS_STATELESS_IDENTIFIER > CasProcessingFilter.CAS_STATELESS_IDENTIFIER 55 . It can also validate a previously created CasAuthenticationToken .
• AnonymousAuthenticationProvider: An org.acegisecurity.providers.AuthenticationProvider implementation that validates AnonymousAuthenticationToken s. To be successfully validated, the AnonymousAuthenticationToken.getKeyHash() 55 must match this class' getKey() 55 .
• TestingAuthenticationProvider: An AuthenticationProvider implementation for the TestingAuthenticationToken . It simply accepts as valid whatever is contained within the TestingAuthenticationToken . The purpose of this implementation is to facilitate unit testing. This provider should never be enabled on a production system .
• JaasAuthenticationCallbackHandler: The JaasAuthenticationCallbackHandler is similar to the javax.security.auth.callback.CallbackHandler interface in that it defines a handle method. The JaasAuthenticationCallbackHandler is only asked to handle one Callback instance at at time rather than an array of all Callbacks, as the javax... CallbackHandler defines. Before a JaasAuthenticationCallbackHandler is asked to 'handle' any callbacks, it is first passed the Authentication object that the login attempt is for. NOTE: The Authentication object has not been 'authenticated' yet.
• RememberMeAuthenticationProvider: An org.acegisecurity.providers.AuthenticationProvider implementation that validates RememberMeAuthenticationToken s. To be successfully validated, the must match this class' getKey() 55 .
• X509UserCache: Provides a cache of org.acegisecurity.userdetails.UserDetails objects for the X509AuthenticationProvider . Similar in function to the org.acegisecurity.providers.dao.UserCache used by the Dao provider, but the cache is keyed with the user's certificate rather than the user name.
• TicketValidator: Validates a CAS service ticket. Implementations must accept CAS proxy tickets, in addition to CAS service tickets. If proxy tickets should be rejected, this is resolved by a CasProxyDecider implementation (not by the TicketValidator ). Implementations may request a proxy granting ticket if wish, although this behaviour is not mandatory.
• X509AuthoritiesPopulator: Populates the UserDetails associated with the X.509 certificate presented by a client. Although the certificate will already have been validated by the web container, implementations may choose to perform additional application-specific checks on the certificate content here. If an implementation chooses to reject the certificate, it should throw a org.acegisecurity.BadCredentialsException .
• UserCache: Provides a cache of org.acegisecurity.userdetails.User objects. Implementations should provide appropriate methods to set their cache parameters (eg time-to-live) and/or force removal of entities before their normal expiration. These are not part of the UserCache interface contract because they vary depending on the type of caching system used (eg in-memory vs disk vs cluster vs hybrid).
• UsernamePasswordAuthenticationToken: An org.acegisecurity.Authentication implementation that is designed for simple presentation of a username and password. The principal and credentials should be set with an Object that provides the respective property via its Object.toString() method. The simplest such Object to use is String .
• ProviderNotFoundException: Thrown by ProviderManager if no AuthenticationProvider could be found that supports the presented org.acegisecurity.Authentication object.
• LoginExceptionResolver: The JaasAuthenticationProvider takes an instance of LoginExceptionResolver to resolve LoginModule specific exceptions to Acegi exceptions. For instance, a configured login module could throw a ScrewedUpPasswordException that extends LoginException, in this instance the LoginExceptionResolver implementation would return a org.acegisecurity.BadCredentialsException .
• DaoCasAuthoritiesPopulator: Populates the CAS authorities via an org.acegisecurity.userdetails.UserDetailsService . The additional information (username, password, enabled status etc) an AuthenticationDao implementation provides about a User is ignored. Only the GrantedAuthority s are relevant to this class.
• TestingAuthenticationToken: An org.acegisecurity.Authentication implementation that is designed for use whilst unit testing. The corresponding authentication provider is TestingAuthenticationProvider .
• ReflectionSaltSource: Obtains a salt from a specified property of the User object. This allows you to subclass User and provide an additional bean getter for a salt. You should use a synthetic value that does not change, such as a database primary key. Do not use username if it is likely to change.
• SystemWideSaltSource: Uses a static system-wide String as the salt. Does not supply a different salt for each User . This means users sharing the same password will still have the same digested password. Of benefit is the digested passwords will at least be more protected than if stored without any salt.
• RemoteAuthenticationException: Thrown if a RemoteAuthenticationManager cannot validate the presented authentication request. This is thrown rather than the normal AuthenticationException because AuthenticationException contains additional properties which may cause issues for the remoting protocol.
| Home | Contact Us | Privacy Policy | Terms of Service |